News and Events

Inevitably, if you work anywhere in the Federal space, you have had some involvement with the process of getting an IT system accredited for use. The names and processes have changed slightly over the years and the governance depends on what agency you support. While NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems A Security Life Cycle Approach” is now largely adopted across the board, we have used a variety of security controls and processes over the years ––NIST SP 800-53 (multiple revisions), DISA STIGs, DITSCAP/DIACAP/DIARMF, ICD 503 (DCID 6/3), etc. Throughout them all,…

When it comes to setting New Year’s resolutions, most people shoot for the moon. We tell ourselves we will give up carbs, go running every morning, become a vegan or even give up drinking alcohol. Inevitability, three weeks later, we find ourselves right back where we started. As security professionals, responsible for keeping the bad guys out and reducing the risk of data breaches, we find ourselves right back where we started too — we fundamentally do not really improve our security posture, and then wonder why not. We are very similar to our consumer counterparts, because we set lofty…

Yesterday, ICIT published the first in a series of research reports as part of an identity management and cyber hygiene initiative, entitled, “ICIT Analysis: Identity and Access Management Solutions: Automating Cybersecurity While Embedding Pervasive and Ubiquitous Cyber-Hygiene-by-Design.“ Wow, what a title. But worthy of the topic. ICIT Sr. Fellow James Scott and Researcher Drew Spaniel did a thorough job identifying the various pitfalls of cybersecurity and ensuring everyone in the organization cares about cyber hygiene and is on top of their game. They offered several good ideas to meet the needs of today’s environment, such as use a digital representation…

The growth of mobile devices, social media and big data have resulted in companies relying heavily on outsourced IT and cloud services. Thereby, the focus towards privileged access for third-parties is also gaining prominence, helping companies to minimize risks of data theft and violation of compliance regulations. Traditionally, most of the systems were on-premises, and secure access was provided to the data center. With companies moving to the cloud, broader access is required and the chances of people with malicious intent gaining access is also increasing. Take for example, any e-commerce company. For these businesses to grow there is a…

Access to sensitive data is a constant worry; we only need to switch on the news to see another story of an attack or data breach. With concern mounting, it’s easy to see why there is high demand for new solutions to combat these threats. With many businesses struggling to keep up with the demands of employees working in different locations, logging on from home, or traveling with mobile devices, there is an increasing need to manage the security of employee accounts. Appropriate assignment of administrative privileges is seen as one of the top security challenges. Restricting and protecting highly…

Information has become the lifeblood of our modern economy. Vast piles of data are stacking up everywhere in massive data centers all over the world. Whole companies and whole industries have been formed and evaporated trying to solve the fundamental challenge with so much data – how to get value from the data by understanding it all. Now that we know this data has so much value we must make sure we keep this valuable information secret from prying eyes. Perhaps you have heard about the great efforts Coca Cola has taken to protect the secret recipe for Coke? This is…

Over the past six months, more than 10 of Hortonworks customers have come to us to explain how they were looking to start using Centrify to secure their Hortonworks Data Platform (HDP) environments. We took the time to understand and enable each of these customers’ use cases around secure and centralized identity management for HDP users and admins. With today’s big data solution announcement from Centrify, we have productized those use cases and lessons, and partnered with Hortonworks to certify the capabilities – allowing us to jointly take this solution to market. With this blog, I want to walk you through some…

We are awash in data. We know this. We have known this for a long time. Ever since the first storage media was created in the 20th Century we have been puzzling over what to do with all the data we create using computers. Enter Hadoop. For those of you living under a technological rock Hadoop is BIG. IT’S BIG DATA. Here is a little infographic that illustrates the point: So why is it so big and what can Centrify do about it? Well first it is BIG from an investment and IT spending standpoint, as it is one of the single…

Centrify CEO Tom Kemp, an industry expert in security and infrastructure software, discusses market and technology issues around the disruption occurring in the Identity and Access Management market due to the cloud, mobile and consumerization of IT trends occurring in today's IT environment.